From: Mateusz Viste <mateusz@not.gonna.tell>
Newsgroups: comp.lang.c
Subject: Re: Memory protection between compilation units?
Date: Sun, 15 Jun 2025 20:27:17 -0000 (UTC)
Organization: A noiseless patient Spider
Message-ID: <102nab5$148mb$1@dont-email.me>
References: <20250611153239.6bc43323@mateusz> <20250612102857.1632c026@mateusz> <20250612114200.143@kylheku.com> <102gjib$39la2$1@dont-email.me> <20250613141420.25d81b43@mateusz> <20250613165623.00004eb3@yahoo.com> <102kq3e$e9ts$1@dont-email.me> <102mjh5$31ckr$1@paganini.bofh.team>
In-Reply-To: <102mjh5$31ckr$1@paganini.bofh.team>

On 15.06.2025 15:57, antispam@fricas.org wrote:
>IIUC in your example the array was global, so compiler knew its
>bound and in principle could generate bounds checks. But
>I am not aware of a C compiler which actually generates such
>checks.

There was one apparently as early as 1983 :)

https://www.doc.ic.ac.uk/~afd/rarepapers/KendallBccRuntimeCheckingsforC.pdf

Granted, it wasn’t a full-fledged C compiler, more of a bounds-checking code generator. Still, the paper is a fascinating read and highlights that this topic has been explored for quite some time.

A more recent variation on the theme can be seen here (based on GCC BP, abandoned a couple years ago):

https://www.cs.purdue.edu/homes/xyzhang/fall07/Papers/TR181.pdf

That said, detecting out-of-bounds array access is no panacea. Memory corruption can arise from various sources, such as dangling pointers or poorly managed pointer arithmetic. Hence why I was looking in the direction of the MMU.

All compilation units of a program share the same set of TLBs. I figured there might perhaps be a way to isolate a given compilation unit in different TLBs, effectively sandboxing its memory, then make this unit communicate with the rest of the program via shm when shared memory accesses are needed.

Of course, even if such a solution would be possible, it would not be very practical. Besides, one could easily achieve the same isolation by turning that compilation unit into a standalone, service-providing daemon.

Mateusz
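
Added example, not part of the original post: a POSIX sketch of the last idea above, where the untrusted unit runs in its own process (its own address space) and exchanges data with the rest of the program only through an explicitly shared mapping. The names `unit_serve`, `run_isolated`, `struct channel` and the `canary` variable are hypothetical, and the direct write to `canary` stands in for a stray write through a bad pointer.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Private state of the main program; the isolated unit must not be able
 * to damage it. */
static int canary = 0x5AFE;

/* The only memory both sides can see: the explicit shm channel. */
struct channel { int request; int reply; int unit_canary; };

/* The "compilation unit" being sandboxed. It corrupts what it believes is
 * the program's global, then answers the request through the channel. */
static void unit_serve(struct channel *ch)
{
    canary = 0xBAD;               /* lands in the child's private copy only */
    ch->reply = ch->request * 2;  /* legitimate result, via shared memory */
    ch->unit_canary = canary;     /* report what the unit now sees */
}

/* Run the unit in a child process. Returns 0 on success, -1 on failure. */
int run_isolated(int request, int *reply, int *unit_canary)
{
    struct channel *ch = mmap(NULL, sizeof *ch, PROT_READ | PROT_WRITE,
                              MAP_SHARED | MAP_ANONYMOUS, -1, 0);
    if (ch == MAP_FAILED)
        return -1;
    ch->request = request;

    pid_t pid = fork();
    if (pid < 0) { munmap(ch, sizeof *ch); return -1; }
    if (pid == 0) { unit_serve(ch); _exit(0); }

    int status = 0;
    int ok = waitpid(pid, &status, 0) == pid
             && WIFEXITED(status) && WEXITSTATUS(status) == 0;
    if (ok) { *reply = ch->reply; *unit_canary = ch->unit_canary; }
    munmap(ch, sizeof *ch);
    return ok ? 0 : -1;
}

int parent_canary(void) { return canary; }

int main(void)
{
    int reply = 0, seen = 0;
    if (run_isolated(21, &reply, &seen) != 0) return 1;
    printf("reply=%d unit=%#x parent=%#x\n", reply, seen, parent_canary());
    return 0;
}
```

The isolation covers only private pages: anything placed in the shared mapping is still writable by the unit, so the parent has to validate what it reads from the channel.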